InformationWeek
Defining The Business Value Of Technology
All Security Stories
Chrome OS: There Will Be Local Storage
Despite what Google says, not all data will be in the cloud.
China Cyber Espionage Threatens U.S., Report Says
A Congressional advisory report warns that cyber attacks against defense computers are on the rise.
Google Chrome OS Depends On Hardware Partners
Despite its focus on the Web -- a platform with proven appeal -- Chrome OS will also need compelling hardware to compete against Apple's anticipated tablet and Windows netbooks.
Google Releases Chrome OS Code
Developers can now participate in the Chrome OS open source project and help Google bring its new operating system to market next year.
Lawmakers Slam Deceptive Web Marketers
Post-transaction marketing abuses bring calls for stronger oversight.
Mozilla Releases Firefox 3.6 Beta 3
The third beta version of the next Firefox sports speed and stability improvements.
In-Q-Tel Invests In Cybersecurity Company
The venture arm of the U.S. intelligence community, In-Q-Tel, has invested an unknown sum in FireEye, which sells a cybersecurity appliance.
Bill Would Ban P2P Use By Federal Employees
Proposed legislation would prohibit use of P2P software like BitTorrent or Limewire on government computers and set policies for employees and contractors.
T-Mobile Says Employees Sold Customer Data
A report issued by the U.K. Information Commission's Office calls for action against the unlawful sale of personal data.
Healthcare Affiliates Unprepared For Data Breaches
Patient privacy is at risk from the companies that healthcare providers do business with, study says.
Cyber Warfare Warning Sounded
In its annual report on cybercrime, McAfee says that the age of cyber warfare has arrived.
National Cyber Incident Response Plan Coming
FBI, Homeland Security, and Justice Department officials drop hints of future cybersecurity policy and projects at a Senate hearing.
Most Security Products Fail Initial Certification Tests
A study based on the testing of thousands of security products over 20 years finds that most require several rounds of testing before achieving certification.
Blue Cross Blue Shield Data Breach Investigated
Connecticut's attorney general is looking for tougher protection for healthcare providers after records, which could be useful to identity thieves, were lost.
7 Cloud Computing Myths Busted
Amazon, Google, Microsoft and others are investing aggressively in the cloud, even as critics point to security, reliability, and compatibility issues. We cut through the fog.
IBM Offers Security Software For Virtualization
The product secures each layer of the infrastructure of a VMware vSphere virtual server.
Tech Giants Aim To Master Disaster
Microsoft, Google, Yahoo form alliance to develop software solutions for improving emergency response efforts.
Interop New York: Spotlight On Cloud Computing, Networking, Virtualization
The networking techfest, Nov. 16-20, will illuminate today's most important IT trends and technologies.
Global CIO: Cloud Computing's New Name: 500 Reader Suggestions!
The CEOs of HP and IBM say "cloud computing" is a lousy name, so we asked you to come up with a new term--and your 500 responses tell us a lot about ourselves.
Microsoft Investigating Zero-Day Windows 7 Flaw
The vulnerability was released the day after Microsoft issued its November patches.
Adobe Flash Security Model Permits Malware
Web sites that allow user-generated content could be risking attack due to Flash's permissive security model.
Government IT Confronts Security Threats Daily
External attacks, malware, lost devices, and internal threats pose ongoing security challenges for many federal agencies, according to a new report.
Four Indicted In $9 Million RBS WorldPay Hack
One of most sophisticated computer hacking rings in the world has been broken, claims Acting U.S. Attorney Sally Quillian Yates.
'Conficker' Computer Virus Going Strong
The Conficker and Taterf worms are still going strong a year after they made their first appearances, security experts report.
Microsoft Demands Takedown Of Bing Cash Exploit
A flaw Microsoft's Bing cashback program allowed startup co-founder Samir Meghani get credit for over $2,000 in rebate cash through fake purchases.
Microsoft Patch Brings Windows Kernel Warning
A Windows kernel vulnerability addressed in a November security bulletin should be patched immediately, Microsoft recommends.
Department Of Interior Fails Cybersecurity Audit
An inspector general assessment of the agency's IT security performance finds poor governance, unqualified staff, and defense technologies that were paid for but not implemented.
Healthcare Providers Face Security Challenges
Three-quarters of organizations that conduct formal risk assessments have found patient data at risk, study says.
Healthcare IT Career Tips
IT pros without clinical experience shouldn't rule out possible transitions into emerging healthcare IT jobs.
Apple Releases Snow Leopard Security Patch
Mac OS X 10.6.2 addresses security and stability issues, and resolves a file deletion bug involving Guest accounts.
9 In 10 Web Apps Have Serious Flaws
The 10 most severe software vulnerabilities during the first half of 2009 affected software from Apache, Citrix, IBM, SAP, Sun, and Symantec, among other organizations.
Microsoft: Windows 7 Malware Threat 'Sensationalized'
Software maker claims tests by security vendor don't tell the whole story.
Is Antivirus Software Dead?
Always-on Internet connectivity is keeping malware concerns alive and well. We examine whether antivirus software is up to the task, or whether it's a security solution of the past.
Microsoft Plans Fixes For 15 Security Flaws
November's patch day is about half the size of October's massive fix.
Microsoft Expresses Cloud Privacy Commitment, Concerns
In a policy paper, Microsoft affirms its support for privacy in the cloud and calls for regulatory clarity.
Serious SSL Vulnerability Found
A vulnerability in the most common data security protocol on the Internet could allow secure Web sessions to be hijacked.
Enterprise 2.0: Novell, SAP, ThoughtWorks Ride Google Wave
Business software vendors have begun building on the Wave platform as Google promises a Wave App Store.
Bank IT Worker Charged In $1.1 Million Fraud
A computer technician has been indicted for stealing the identities of 150 Bank of New York employees, as well as for grand larceny and money laundering.
Worms Invade Corporate Computers, Microsoft Finds
In its latest Security Intelligence Report, Microsoft documents the doubling of worms in enterprises during the first half of 2009.
Pressure Grows To Name National Cybersecurity Coordinator
Five months after President Obama announced plans to appoint a cybersecurity coordinator, some members of Congress are getting impatient and pressing for action.
Global CIO: Juniper Attacks Cisco Head-On With Help Of IBM And Dell
Sensing Cisco is distracted with its non-networking ventures as CIOs are growing unhappy with rising network costs, Juniper is going after Cisco full-bore with key new products and partners.
Federal CIO Kundra Plans Cybersecurity Dashboard
The White House, which recently introduced a FISMA reporting tool, outlines plans for new cybersecurity metrics and a dashboard for tracking progress.
Facebook Wins $711 Million From Spammer
In addition to financial damages, Sanford Wallace, among the first to be crowned "Spam King," may face jail time.
Catbird Monitoring VMs In Amazon EC2
A version of Catbird's vSecurity Cloud Edition is available as an app in Amazon's EC2-approved catalog of application services.
Amazon Introduces PayPhrase Payment Shortcut
Online merchants can use Amazon's passphrase payment scheme to ease the friction of online commerce.
NSA To Build $1.5 Billion Cybersecurity Data Center
The massive complex, comprising up to 1.5 million square feet of building space, will provide intelligence and warnings related to cybersecurity threats across government.
Global CIO: Hewlett-Packard's Hurd Says Bad IT Means A Bad CEO
Hurd offers a startling observation about how the roots of bad IT almost always reside in the corner office, and he explains how HP attempts to address the needs of both the CEO and the CIO.
Google's 'Gov Cloud' Wins $7.2 Million Los Angeles Contract
The City of Los Angeles plans to replace its Novell GroupWise e-mail system with Google Apps, partly using anti-trust settlement money paid by Microsoft.
Google CEO Imagines Era Of Mobile Supercomputers
The future, as Eric Schmidt describes it, belongs to smart phones and data centers.
SAP, Nokia Partner On Mobile Security
With the joint venture's technology, prescription drugs, software, and other goods could be tagged with smart barcodes to protect them from counterfeiting.
E-Health Records Option Extended To Families
Dossia, whose consortium members include Wal-Mart and Intel, is making it easier for employees' dependents to sign up for electronic health records.
Cisco To Acquire ScanSafe
The market for tech companies is heating up again, as Cisco strengthens its position in Web and mobile security.
Top 10 E-mail Blunders Of 2009, So Far
Proofpoint's list of the ten biggest e-mail gaffes this year shows that organizations have yet to deal with the risks of e-mail.
Trend Micro Secures Virtual, Cloud Servers
To address unique server security challenges, Trend Micro is connecting its Deep Security software to virtual machines and the cloud.
Evidence Points To China In Cyber Attacks
A Northrup Grumman report suggests that the Chinese government is behind a coordinated series of attacks on U.S. government and private sector computer systems.
Web 2.0 Summit: The Browser Is What Matters
Google's Sundar Pichai provides some hints about his company's upcoming browser-based Chrome operating system.
Secret Service To Revamp Ailing IT Systems
In an effort to avoid 'mission failure,' the agency plans to deploy new storage systems, virtualize servers, modernize databases, and expand mobile and wireless capabilities.
Web 2.0 Summit: PayPal's Platform Plans
With talk of the death of cash, PayPal president Scott Thompson painted a rosy future for payments delivered through mobile devices.
Google Search Appliance Gets Smart
Corporate searchers can now look forward to more relevant search results, thanks to improvements in the Google Search Appliance.
NSA Director Tapped For Cyber Command
Lt. Gen. Keith Alexander will be in charge of cyberwarfare and the security of military networks.
Mozilla Restores Blocked Microsoft Extension For Firefox
A controversial Firefox extension is working again after being blocked as a security risk over the weekend.
Facebook, Twitter Join Google In Net Neutrality Battle
New rules governing online communication are expected later this week and Internet companies are making sure their concerns are heard.
Full Nelson: The Growing Threat Of Cyberwarfare
Many more casualities will pile up, but policy and agreements will prove meaningless against today's anonymous cyberwarrior.
Global CIO: In Oracle Vs. SAP, IBM Could Tip Balance
The big IT players are realigning and while Oracle's love-fest with Salesforce.com is nice, Oracle will need a whole lot more friends than that to compete against not just SAP but also IBM.
NASA Told To Plug IT Security Holes
The space agency has suffered hundreds of security incidents, including malware, data breaches, stolen laptops, and bot nets, according to the GAO.
Google Tips For Burying Ugly Search Results
To manage your search engine reputation, Google suggests saying less is more, except when saying more is more.
Laptop Theft Nets Data On 800,000 Doctors
The stolen laptop contained personal data on nearly every physician in the country.
Mozilla Launches Plugin Check To Secure Firefox
Browser security suffers when plugins aren't up-to-date. So Mozilla has developed a Web-based plugin update checker.
Adobe Fixes 29 Flaws In Acrobat And Reader
At least one of the vulnerabilities addressed is being actively exploited.
Google Postini Customers Fuming Over Outage
E-mail delivery problems dogged Google's Postini Tuesday, and the company's business customers are demanding better communication.
AT&T Bolsters Managed Security Services
The carrier's offerings aim to provide enterprise customers with security threat analysis and customizable device management.
Apple Acknowledges Snow Leopard Bug
The flaw, which may delete personal data, is related to a change in the way the operating system handles guest accounts.
Microsoft Releases Mammoth Security Patch
The company's 13 security bulletins set a record and bring Windows 7 its first official fixes.
T-Mobile, Microsoft Promise $100 Gift Card For Lost Data
But most customers will see their data restored, the two companies hope.
Google Helps Webmasters Spot Malware
In an effort to help owners of compromised Web sites find and remove hidden malware, Google is now offering a malware identification tool to Webmasters who have registered their sites with the company.
Microsoft, T-Mobile Apologize For Data Loss, Offer Month Credit
Sidekick users who lost their data won't be getting it back. T-Mobile and Microsoft say the data is gone.
Cyberwar Readiness Recast As Low Priority
Preparedness for cyberwar should have a place in U.S. defense planning, but resources are better spent on bolstering potentially vulnerable infrastructure, according to think tank RAND.
Google Patches Android DoS Flaws
The patch fixes flaws that would enable malformed SMS messages or mobile applications to crash Android 1.5 handsets.
Google Patches Google Pack Vulnerability
Google Pack, the company's collection of free Google and third-party applications, had a vulnerable component that Google has just fixed.
Microsoft Security Fix Breaks Record Set In June
Next week's "Patch Tuesday" will keep IT administrators busy. Fixes include two zero-day vulnerabilities, at least one of which is actively being exploited.
Google Robbed By Botnet
A botnet designed to facilitate click fraud is defrauding advertisers and denying potential revenue to Google and other search engines.
100 Phishers Charged In Largest Cybercrime Case
A two-year international phishing investigation involving the FBI and authorities in Egypt has led to charges against 53 people in the U.S. and 47 overseas.
Google Offers Advice On Strong Passwords
Passwords remain the primary means of online authentication, despite their shortcomings. That's why Google wants to make sure users' passwords won't be easily defeated.
CBS Interactive Sued For Distributing China's Green Dam Filter
Internet filter maker Solid Oak Software has filed a lawsuit against CBS Interactive's ZDNet China for distributing China's Green Dam filtering software, which allegedly includes the company's code.
Heartland, After The Hacking
The data breach at Heartland Payment Systems was a disaster for the company. But after picking up the pieces, the company is looking ahead to a more secure future.
Microsoft Blocks Hacked Hotmail Accounts
Phishing scam may also have breached e-mail services offered by Google and Yahoo.
Glide Health Makes Medical Records Mobile
With the support of Integrated Medical Professionals, a large medical group, Glide Health aims to make medical records accessible from any mobile phone.
Federal Taskforce To Focus On Cybersecurity Metrics
Cross-agency taskforce will emphasize cybersecurity outcomes over compliance, says federal CIO Kundra
Wolfe's Den Interview: Pacific Labs CIO Talks Cloud Computing Security
Jerry Johnson, chief information officer of Pacific Northwest National Laboratory, offers insights into cloud security, the war on cybercrime, and the expansion of the perimeter.
Amazon Settles Kindle Deletion Lawsuit For $150,000
A student who sued Amazon in June for deleting a copy of the book 1984 from his Kindle e-book reader has won limited deletion protection for other Kindle users.
AT&T Buys VeriSign Security Consulting Unit
The deal could boost AT&T's network-based security offering to enterprise customers.
Beware Hijacked Social Networking Accounts, FBI Warns
Social networking sites are becoming a more popular attack vector for cybercriminals because people trust those they believe to be friends.
IBM To Launch Web-Based E-Mail Service
LotusLive iNotes puts Big Blue into competition with Google's Gmail service.
Mozilla Tests More Secure Firefox
Versions of Firefox with enhanced cross-site scripting protection have been released for testing.
RIM Patches BlackBerry Phishing Flaw
The vulnerability can make the smartphone think a malicious Web site is a trusted one.
US Agreement With ICANN Leaves Much Undone
The oversight of the Internet's infrastructure will become more international under a new government agreement with ICANN. But many concerns remain unresolved.
Google's Postini May Shape Wave Security
Two years after being acquired by Google, Postini is looking to extend its messaging management tools to other Google services.
Internet Has Never Been More Dangerous, Report Says
The Anti-Phishing Working Group reports record levels of fake antivirus software and other malware.
TSA Awards $493 Million Contract To CSC
The Transportation Security Administration has replaced Unisys with Computer Sciences Corporation as its primary managed services provider.
Global CIO: Accenture Should Start Buying—Here's A Shopping List
Where is it written that IT services companies have to sit back and wait to be acquired by IT product companies? Accenture has the power to reverse that trend and offer new value to CIOs.
Featured Microsite
